Current status & focus
Next action
Implement line-item editor and PDF/proposal export.
Architecture
Next.js App Router + TypeScript + Tailwind. Supabase for catalogue and saved quotes. Server-side PDF/proposal generation. Vercel hosting.
Design standard
Sharp, productivity-grade UI. Fast keyboard-friendly forms, clear totals, professional proposal output. RobOS design language.
Known issues & blockers
No known blockers. 5 open issue(s).
Decisions
All decisionsNo decisions logged for this project yet.
Reusable prompts
Prompt libraryCodex task brief (generic)
Repo · best with codex
QuoteOS — Codex repo task
Repo · best with codex
AI handover
QuoteOS is a quote/proposal builder (Next.js + Supabase). Codex is the primary tool — point it at the repo for line-item editor and proposal export work. PDF generation is server-side. Work under the PrimaryICT work profile.
Quick launch
cd "C:\dev\quoteos"Account & profile
Environment map
NEXT_PUBLIC_SUPABASE_URLUsed by app runtime + Vercel · value in Vercel project env
public
NEXT_PUBLIC_SUPABASE_ANON_KEYUsed by app runtime + Vercel · value in Vercel project env
public anon key
SUPABASE_SERVICE_ROLE_KEYUsed by server only · value in Vercel project env (server)
server-side proposal generation
Credentials map
All credentialsGitHub login
GitHub · Login
- Account
- rob@rob-os.com
- Secret location
- Password manager › RobOS vault › GitHub
- MFA
- Enabled
- Recovery
- Password manager › RobOS vault › GitHub › recovery
- Last reviewed
- 2026-06-13
Shared in a chat transcript on 2026-06-13 — ROTATE soon and enable a passkey. Vercel & Supabase log in via this GitHub account.
AI-safe handover: GitHub is the identity hub — Vercel and Supabase authenticate via 'Continue with GitHub'. Never request or print the GitHub password. Use a fine-grained Personal Access Token in CI via the GITHUB_TOKEN env var instead.
Vercel (via GitHub SSO)
Vercel · Oauth App
- Account
- rob@rob-os.com (GitHub SSO)
- Secret location
- No separate password — logs in via GitHub
- MFA
- Enabled
- Last reviewed
- 2026-06-13
No standalone secret; secured by the GitHub account. Use VERCEL_TOKEN for API automation later.
AI-safe handover: Vercel logs in with GitHub SSO — there is no separate Vercel password. For future API automation use a VERCEL_TOKEN env var; do not request it inline.
Supabase database password
Supabase · Login
- Account
- postgres (per project)
- Secret location
- Password manager › RobOS vault › Supabase DB; also in Supabase project settings
- MFA
- Off
- Last reviewed
- 2026-06-13
Shared in a chat transcript on 2026-06-13 — ROTATE in Supabase project settings. Dashboard login itself is via GitHub SSO.
AI-safe handover: The Supabase Postgres password is a secret. Never request, print or hardcode it. Connect using the pooled connection string from process.env (e.g. DATABASE_URL / SUPABASE_DB_URL) which I configure manually.
Supabase service role key
Supabase · Env Var
- Secret location
- Supabase project › Settings › API; injected via Vercel env (server only)
- Env var
SUPABASE_SERVICE_ROLE_KEY- MFA
- Off
- Last reviewed
- 2026-06-13
Rotate from Supabase API settings if leaked. Server-side only — never in client bundles.
AI-safe handover: Use process.env.SUPABASE_SERVICE_ROLE_KEY on the server only. Do not hardcode, print, expose to the client, or request the value. Assume I configure it manually in Vercel.